Malware Reverse Engineering

Presented By: Joxean Koret

This course provides effective knowledge and hands-on experience of basic malware analysis. It introduces current and relevant techniques that will prepare students to become proficient malware researchers, making heavy use of IDA Pro.

This 2-day course will take place on the 11th & 12th March 2019 in London.
The price is £1,300 (inc VAT). Book your place in our shop now.

Learning Objectives

Understand Windows fundamentals

Develop reverse engineering skills

Gain familiarity with standard tools like IDA and Volatility

Reverse engineer real-world malware

Course Outline

Day 1:

Introduction to malware

Windows fundamentals

Executable file formats (PE)

Introduction to reverse engineering

Introduction

Tools & setting up a reverse engineering lab.

Brief Introduction to Graph theory

Static Analysis: from C to assembler

Manual Code reconstruction: from (any) assembler to C

Day 2:

Unpacking

Static unpacking

IDAPython.

Hands-on with various malware samples.

Dynamic unpacking

Manual reconstruction

IDAPython batch automation

Memory dumping and analysis with Volatility

Target Audience

Security staff working in, or looking to work in, blue teams on malware analysis, and those with a keen interest in reverse engineering but without the free time dedicated to developing their skills.

Students will be provided with

About the Trainer

Joxean Koret has been working for more than 15 years in many different computing areas. He started working as a database software developer and DBA for a number of different RDBMS.

Afterwards he became interested in reverse engineering and applied this knowledge to the DBs he was working with, in which he has discovered dozens of vulnerabilities in products from the major database vendors, especially in Oracle software.

He has also worked in other security areas, such as malware analysis and anti-malware software development for an antivirus company, and on developing IDA Pro at Hex-Rays.